← Back

Invite Anyone Project

invite_anyone_project

3 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Invite Anyone
invite_anyone
3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-18545
1Invite Anyone Project
1Invite Anyone
Nov 21, 2024
Aug 16, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input.
CVE-2017-18544
1Invite Anyone Project
1Invite Anyone
Nov 21, 2024
Aug 16, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF.
CVE-2017-18543
1Invite Anyone Project
1Invite Anyone
Nov 21, 2024
Aug 16, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations.